Posted
by
CmdrTaco
on Monday October 22, 2001 @01:11PM
from the don't-know-what-this-means dept.

Ross Vandegrift writes: "Alan Cox released 2.2.20pre10 today, which includes security fixes. He is refusing to indicate what security holes have been fixed, as Unix-style permissions could be used as an anti-circumvention device. The thread starts here. " It'd be great if people could read the threads here and try to figure out what is going on. I'm a little lost, but it looks like he's being overzealous.

Hey, remember that time Felten wrote a paper and couldn't release it cuz it was a circumvention device?

Or that time I wanted to play DVDs in Linux and couldn't because I needed a circumvention device?

Or when some Russian dude got locked up away from his family because he wanted to let blind people use eBooks?

Overzealous my ass. This is a problem and we need to take a stand, whether it's "reasonable" or not. People need to understand what is at stake - and what better way to help that process than by showing them?

It seems to me that Alan is just trying to make a point about how ridiculous the DMCA is in this case by taking this relatively extreme position how the DMCA throws a wet blanket onto legitimate security discussions.

Last time I checked, Alan Cox didn't live in the US. And he has been vocal about not holding conferences in that country - because of what happened to the eBook fair use guy - so I imagine he's not intending to travel there either. Is he trying to establish a precedent that restrictive laws passed in one country apply worldwide?

Of course, when he filed suit against the RIAA, the RIAA realized they were trapped and fell on their sword.

They didn't fall on their sword, they threw it out of the picture and said "What sword?"

Which is the most chilling of all chilling effects -- they get to delay publication of information they're not happy with, then when someone calls their bluff they change their story and say they have no objections, and (according to the DOJ's interpretation), therefore, no prior restraint actually happened and you can't sue to prevent it from happening again.

You know, mid-term elections are happening in almost exactly a year. We all know that voter turnout sucks, especially for off years. What're the chance of a Slashdot party (hell, we're even Green) forming and fielding some geek candidates in key areas? I know my district has had the Republican incumbent running essentially unopposed for years. And we're home to Worldcom, AOL, and many other geek-heavy companies. Hell, these geek companies together probably employ as many people as voted in the entire district in '98, anyway.

He's not only being over-zealous. He's being downright dumb. The chance of this actually being used against the developers is so small that it's almost unimaginable. He's just trying to piss off the US citizens who want to know what the vulnerabilities are so they'll get the law changed. We've been trying to change the law but Congress doesn't give a damn. If he's too much of a damn coward to take a chance and post known security flaws so that we can look for other ones which might be related then he needs to pass the torch to someone who won't be such a coward. Hell, he can email me with all those vulnerabilities and I'll post them publicly. I'll be your damn martyr if that's what you want because I'm not afraid. This is getting ridiculous. It's no longer open-source anymore. Now it's open-within-the-confines-of-the-law-source.

I, for one, would like to take a moment to thank Rob for setting us "Nerds" back where we belong.
Way to make us look like a bunch of childish tech-heads with no conception of the real world!
Isn't it nice for Rob to characterize all slashdotters as moronic geeks on national radio?
(That was sarcasm, you nincompoop!)

Republicans tend to not like business that deal in porn, etc, things they find morally offensive (however you feel like defining that).

More generally, "Republicans" do not favor government interference in commerce, and do favor government interference in "moral" conduct. The Republican definition of "moral" seems to coincide with the Religious Right (which is also apparently a vocal subset of Republicans), and does not address most business/commercial practices unless they are also "immoral" for non-business-related religious reasons (e.g., porn).

Conversely, the "Democrat" viewpoint seems to be in favor of government interference in commerce, but against government interference in non-business-related moral issues.

As far as I can tell, "Libertarians" seem to be against government interference in any area. Of course, all of these groups tend to favor any government decision that furthers their more immediate goals, or hinders the immediate goals of the other parties. For the Libertarians, this results in an oddly self-referencing approach where one acceptable role of government is to prevent government interference.

This applies to the United States of (North) America, naturally. YMMV.

I don't really think he's preaching at all. I don't interpret this as making a point. I interpret it as he really is scared of the U.S and the DMCA and doesn't want to be held accountable in the future for any of his past actions.

I am a libertarian, and I must say that i dont favor elimination of unions.

Unions should be legal because the constitution guarantees the right to free association. Unionize whenever and however you want. Fine by me.

However, I do oppose most unions on a personal level - for the most part these days they do not represent the people they claim and often have agendas hidden so deep as to obscure the initial beliefs that they claim to support.

Anyone who discloses a hack of any kind is committing a crime by helping other people to crack systems.

If Alan Cox had disclosed how the hack that he just fixed worked, then the disclosure of the just-fixed hack could be used to crack systems that are not yet patched.

Ergo, disclosure of the bug that he fixed would be illegal in the USA, and that means that by disclosing this to people in the USA would land him in prison next time he arrives in the land of the free!!

How is he taking the argument to those whose opinions need to be changed, notably Congress?

How is it his "job" to take it to Congress? I don't think he's American; isn't he British? (If I'm wrong here then feel free to ignore this post.) US Congress people apparently don't even listen to anyone outside of their individual constituency, let alone someone from another country.

You Americans will have to carry the can on this one. We "damn furriners" can complain but you are the only ones that can actually get something changed. It is your country, not ours, and your government is your responsibility (in my opinion.)

My assumption is that the Coup you speak of is the DMCA...and I agree with you there...the key difference, is that most of America is blissfully unaware that it even happened. I tell people all the time in discussions who daily lives touch the DMCA in many many ways. The ususal reaction is:

The SSSCA, which could become DMCA's darker sibling, has even more for Alan Cox to ponder. In fact, I just finished a weekend writing a fairly long letter to my representatives, and sent it only a few moments ago, so that it may get there in time for a Senate Commerce Committee hearing on the 25th.

OK, so Alan might have gone a little bit overboard, but in order for something as silly as the DMCA (or all of the other silly pieces of legislation the bought and paid for politicians in the US have and will push through) to get thrown out, enough people have to care.

Most of us care, but not enough to make an effort.

The average voter has no idea who their enemy is. The average voter does not know that the giant media corporations are trying to fence in everyone who wants to read a book, listen to a piece of music or (God forbid!) enjoy a movie on their viewing device of choice. Not unless they can ensure that every time "their property" is perused, you have to pay.

The giant media corporations are the enemy. The problem is that most of you will scream bloody murder for every piece of stupid IP controlling legislation that is passed -- yet tomorrow you will take your kids to Disney World, or buy them a Mickey Mouse T-shirt...

As far as I can tell, "Libertarians" seem to be against government interference in any area. Of course, all of these groups tend to favor any government decision that furthers their more immediate goals, or hinders the immediate goals of the other parties. For the Libertarians, this results in an oddly self-referencing approach where one acceptable role of government is to prevent government interference.

I am a minarchist libertarian, and here is my attempt to briefly describe libertarianism.

First of all, the difference between "libertarian" and "Libertarian" is that the second one specifically means a member of the Libertarian Party, while the first one just means anyone who believes in libertarian ideas. Thus Thomas Jefferson could be called a libertarian, but he was not a Libertarian.

The defining principle that all libertarians must believe in (or else they are not really libertarians) is that people own themselves, and the product of their own labor. All else follows from that.

Because people own themselves, it is wrong for government to outlaw behavior that doesn't hurt anyone but the person doing it. Thus it is wrong for government to outlaw smoking, or outlaw eating fatty foods, or outlaw prostitution. (Government may have a legitimate role regulating prostitution, for example to require medical screening of prostitutes for public health reasons, but there is no moral basis for government to outlaw it.)

Because people own themselves, government should not prevent them from freely entering into contracts. Government can legitimately have a role in enforcing contracts. (The major areas where government is useful: national defense, enforcing the laws against violence and theft, and enforcing contracts.) Because of this, if Microsoft wants to require product activation, government shouldn't tell them they can't do that. It's up to people to vote with their dollars. (Note that it was not government that finally dethroned IBM from its monopoly position, it was the free market.)

So, no libertarian can be in favor of a law like the DMCA. The record companies could have annoying license agreements, and libertarians would not be in favor of using government to force the companies to not have them, but the kind of free speech infringement that the DMCA is all about would be right out. And of course no libertarian would be in favor of outlawing encryption.

P.S. In case you are wondering, a "minarchist" libertarian is in favor of a minimal government; an anarchist is in favor of no government. There are many libertarians who believe that we don't need a government at all; the free market can solve all problems. Minarchists like me think we do need a small government to handle things like national defense.

Well I can play dvd's under linux, just not legally. What people don't realize is that people still find a way, it just forces them to take the effort unground and do it illegally. We'll see more and more of this kind of "illegal" activity with the DMCA around, I guarantee it. Only when the minority opinion becomes the majority will the DMCA be repealed. That's how politics works.

I can legally view DVD's on my Linux computer.
I can legally download DECCS.
I can legally buy a DVD player which is regioncode free.
The reason is very simple.
I live in the Netherlands and we don't have the DMCA.
Second, large corporations don't have as much influence on Dutch law as they do have in the US.
Second, contrary to the US we don't have a duocracy.
And third, we don't give a fuck about the US.

Do you know anything about the DMCA? It has nothing to do with cracking computer systems. It prevents people from cracking cryptography used to protect copyrighted material. Now how this would be relevant to kernel changelogs, I don't know.

The US is workin it's way into an information tyrrany. The reaction to the 'terrorist threat' is being used as an excuse to accelerate that process.

The laws associated with copyright and information are so vague and general that it's not surprising that it could be determined that they prevent people from talking about security problems...

Think about it for a minute. Skylerov is in a US jail for a program that his employer sold -- this despite the fact that he put in safeguards to prevent his program's rampant misuse.

If current 'anti-terrorism' laws get passed, things are simply going to get worse... The government is going to be able to spy on us on spec, and arrest us because they 'suspect that he may do something nasty' -- like (in some cases) simply go on strike.

If our course doesn't change radically and quickly, I think that we are in for an information-age Mcarthy era. Cox was made aware of this specific writing on the wall, and he decided to take it seriously. He is, in his own way, inviting us to do the same.

There are times when it is appropriate to willfully break the law, but it should be done carefully and sparingly. Breaking the law just because it is 'inconvenient' is a bad idea. It opens you up to getting your ass really nailed to the wall later on when you do something to get people pissed off.

Cox is a high-profile person. The fact that he doesn't want to risk going to jail for a Skylerov style test case is not something that we should be denouncing him for -- we should be denouncing a law that is so broad that he has to reasonably worry about making security information available to people who have a reasonable need to know.

Urrrm...
Several hundred years ago, America had a rather large fight, to escape the stupidity of having to make ridiculous payments that were enshrined in Law.
As a Brit, I always thought that the American War of Independance was a thoroughly justified action. It needed to be done. And it was. All was great.
Since then, Europe grew up. It's still bound with silly and ridiculous things, but it's pretty lax on the whole.. I think it burned out it's fervour hundreds of years ago, and learned that the world was a very small place...
Now, however, the US seems to be heading towards where Europe was hundreds of years ago, enacting new laws for corporate profit and so on...
Over here, you find houses with windows bricked up, as long ago, there was a 'window tax' on buildings to get more money for the treasury.. We consider this really stupid...
The people at the time probably thought it was stupid...
But what would they think if you told them you had to pay more every time you read a book you'd already purchased?
Most of the restrictions being placed on media to restrict copy can be thought of as nothing more than a "Corporate Media Tax".. You're being taxed by the corporations for moving something you own to a more modern media.
Yeah, Europe is a bit loony, no we're not pissed that you're now the masters of "Taxation without Representation", we're just highly surprised, and a little bit worried about taking a step down that particular memory lane.
Personally, I'm avoiding going to the US whereever possible. I used to love it, as I have many friends there.. Now, I'm just worried...